Security Engineer, Corporate Security - Remote, United States - Grammarly

Description

Grammarly is excited to offer a remote-first hybrid working model. Team members work primarily remotely in the United States, Canada, Ukraine, Germany, or Poland. Certain roles have specific location requirements to facilitate collaboration at a particular Grammarly hub.

All roles have an in-person component: Conditions permitting, teams meet 2–4 weeks every quarter at one of Grammarly's hubs in San Francisco, Kyiv, New York, Vancouver, and Berlin, or in a workspace in Kraków. This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that fosters trust and unlocks creativity.

Grammarly team members in this role must be based in the United States or Canada, and they must be able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub(s) where the team is based.

The opportunity

Grammarly is the world's leading AI writing assistance company, trusted by over 30 million people and 70,000 professional teams every day. From instantly creating a first draft to perfecting every message, Grammarly's product offerings help people at 96% of the Fortune 500 get their point across—and get results. Grammarly has been profitable for over a decade because we've stayed true to our values and built an enterprise-grade product that's secure, reliable, and helps people do their best work—without selling their data. We're proud to be one of Inc.'s best workplaces, a Glassdoor Best Place to Work, one of TIME's 100 Most Influential Companies, and one of Fast Company's Most Innovative Companies in AI.

Trust is critical to Grammarly's mission. The Enterprise Security team's mission is to defend Grammarly's corporate assets from all threats through risk reduction. Enterprise Security reduces risk to Grammarly by advising, supporting, building, operating, and assuring multiple critical preventive and reactive security controls in tight collaboration with teams and stakeholders across the company.

Grammarly's engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

Your impact

As a Security Engineer on the enterprise security team, you will be entrusted with the crucial responsibility of safeguarding Grammarly's corporate environment, where our amazing employees work their magic every day. From our versatile laptop fleet (Mac and Windows) to our innovative SaaS apps and other Corporate Infrastructure, you will play a vital role in ensuring our success and keeping our valuable assets secure. With a confident and thoughtful approach, you'll build and implement solutions that raise the security bar for our corporate infrastructure. If you love working on both security and operations, we are excited to have you join our dynamic team

In this role, the Security Engineer will:

• Contribute to designing and developing engineering solutions that support enterprise-wide security initiatives, such as Zero Trust.
• Collaborate with our Governance Risk and Compliance (GRC) team to help develop enterprise security standards, guidelines, and policies.
• Design, build, maintain, tune, and enhance the effectiveness of our Enterprise Security controls in a wide range of security domains, including:
• Endpoint Detection and Response (EDR)
• Email Security
• Ransomware Resilience
• Data Loss Prevention (DLP)/Insider Risk
• Conditional Access
• Vendor/Business Process Outsourcing (BPO) Security
• Device Posture and Attestation, Shadow IT
• Threat and Vulnerability Management (TVM)
• Identity and Access Management (IAM)
• Public Key Infrastructure (PKI)
• Perform risk assessments and security assurance (threat modeling, code review as necessary) on a range of systems that support Grammarly's business operations:
• Operating Systems and commercial/open-source desktop applications
• Internally developed Enterprise Infrastructure Services
• Third-Party Software as a Service (SaaS) solutions
• Network Infrastructure (ZTNA, CASB, VPN)
• Drive the remediation of security vulnerabilities identified through assessments.
• Build security automation to secure our corporate infrastructure.
• Evaluate cutting-edge Enterprise Security technology designed to increase our security posture.

We're looking for someone who

• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
• Is inspired by our MOVE principles, which are the blueprint for how things get done at Grammarly: move fast and learn faster, obsess about creating customer value, value impact over activity, and embrace healthy disagreement rooted in trust.
• Is able to collaborate in person 2 weeks per quarter, traveling if necessary to the hub where the team is based.
• Is excited to build security controls to safeguard our systems and services.
• Has working experience in Security Assurance: Penetration Testing, Code Review, Threat Modeling.
• Is familiar with programming languages such as Python, Java, or Go for automation purposes.
• Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations.
• Is knowledgeable about the best practices and technologies of cloud security.
• Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
• Has strong communication skills and can explain complex security issues in understandable terms.
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Support for you, professionally and personally

• Professional growth: We believe that autonomy and trust are key to empowering our team members to do their best, most innovative work in a way that aligns with their interests, talents, and well-being. We support professional development and advancement with training, coaching, and regular feedback.
• A connected team: Grammarly builds a product that helps people connect, and we apply this mindset to our own team. Our remote-first hybrid model enables a highly collaborative culture supported by our EAGER (ethical, adaptable, gritty, empathetic, and remarkable) values. We work to foster belonging among team members in a variety of ways. This includes our employee resource groups, Grammarly Circles, which promote connection among those with shared identities, such as BIPOC and LGBTQIA+ team members, women, and parents. We also celebrate our colleagues and accomplishments with global, local, and team-specific programs.

Compensation and benefits

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more:

• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching
• Paid parental leave
• Twenty days of paid time off per year, eleven days of paid holidays per year, and unlimited sick days
• Home office stipends
• Caregiver and pet care stipends
• Wellness stipends
• Admission discounts
• Learning and development opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US and Canada locations are categorized into compensation zones based on each geographic region's cost of labor index. For more information about our compensation zones and locations where we currently support employment, please refer to this page. If a location of interest is not listed, please speak with a recruiter for additional information.

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future.

United States:

Zone 1: $320,000 - $380,000/year (USD)

Zone 2: $290,000 - $340,000/year (USD)

We encourage you to apply

At Grammarly, we value our differences, and we encourage all—especially those whose identities are traditionally underrepresented in tech organizations—to apply. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).

Please note that EEOC is optional and specific to US-based candidates.

#LI-PM1

#LI-Hybrid

All team members meeting in person for official Grammarly business or working from a hub location are strongly encouraged to be vaccinated against COVID-19.